145 lines
2.9 KiB
Markdown
145 lines
2.9 KiB
Markdown
|
# Niver setup on Debian 11 (bullseye)
|
||
|
|
||
|
```
|
||
|
# apt install tor knot openssh-server sudo nginx certbot python3-certbot-nginx php7.4-fpm php-sqlite3 quota
|
||
|
```
|
||
|
|
||
|
## Create system users
|
||
|
|
||
|
```
|
||
|
# useradd -U -r -s /usr/sbin/nologin <username>
|
||
|
```
|
||
|
|
||
|
## Twins
|
||
|
|
||
|
```
|
||
|
$ wget https://golang.org/dl/go1.16.7.linux-amd64.tar.gz -o go.tar.gz
|
||
|
$ tar -xf go.tar.gz
|
||
|
$ go/bin/go get code.rocketnine.space/tslocum/twins
|
||
|
$ cp go/bin/twins /usr/local/bin/
|
||
|
```
|
||
|
|
||
|
## maniver
|
||
|
|
||
|
Installation
|
||
|
```
|
||
|
# apt install gcc git
|
||
|
$ git clone https://code.antopie.org/Niver/maniver && cd maniver
|
||
|
$ curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh
|
||
|
$ cargo build --release
|
||
|
# cp target/release/maniver /usr/local/bin/
|
||
|
# chown root:php-niver /usr/local/bin/maniver
|
||
|
# chmod 750 /usr/local/bin/maniver
|
||
|
```
|
||
|
|
||
|
Update
|
||
|
```
|
||
|
$ git fetch
|
||
|
$ rustup update
|
||
|
$ cargo update
|
||
|
$ cargo build --release
|
||
|
# cp target/release/maniver /usr/local/bin/
|
||
|
```
|
||
|
|
||
|
## gmnisrv
|
||
|
|
||
|
```
|
||
|
# apt install git make pkg-config libssl-dev scdoc
|
||
|
$ git clone https://git.sr.ht/~sircmpwn/gmnisrv # Download gmnisrv sources
|
||
|
$ mkdir gmnisrv/build
|
||
|
$ cd gmnisrv/build
|
||
|
$ ../configure --prefix=/usr # Check gmnisrv dependencies and setup files needed for building
|
||
|
$ make # Build gmnisrv
|
||
|
# make install # Install gmnisrv binary and manpages on the system
|
||
|
# useradd -U -r -s /usr/sbin/nologin gmnisrv # Add the gmnisrv system user and group
|
||
|
# vim /etc/systemd/system/gmnisrv.service
|
||
|
```
|
||
|
|
||
|
```
|
||
|
[Unit]
|
||
|
Description=Gmnisrv, a Gemini server
|
||
|
After=network.target
|
||
|
Wants=network.target
|
||
|
|
||
|
[Service]
|
||
|
Type=simple
|
||
|
ExecStart=/usr/local/bin/gmnisrv
|
||
|
Restart=always
|
||
|
User=gmnisrv
|
||
|
Group=gmnisrv
|
||
|
WorkingDirectory=/srv/ht
|
||
|
|
||
|
[Install]
|
||
|
WantedBy=multi-user.target
|
||
|
```
|
||
|
```
|
||
|
# systemctl daemon-reload
|
||
|
# mkdir -p /srv/gmi/niver.4.niv.re
|
||
|
# echo "This is a testing Gemini capsule" > /srv/gmi/niver.4.niv.re/index.gmi
|
||
|
# mkdir /var/lib/gemini
|
||
|
# chmod -R 700 /var/lib/gemini
|
||
|
# chown -R gmnisrv:gmnisrv /var/lib/gemini
|
||
|
# vim /etc/gmnisrv.ini
|
||
|
```
|
||
|
|
||
|
```
|
||
|
# Space-separated list of hosts
|
||
|
listen=0.0.0.0:1965 [::]:1965
|
||
|
|
||
|
[:tls]
|
||
|
# Path to store certificates on disk
|
||
|
store=/var/lib/gemini
|
||
|
|
||
|
[niver.4.niv.re]
|
||
|
root=/srv/gmi/niver.4.niv.re
|
||
|
```
|
||
|
|
||
|
|
||
|
## SFTP
|
||
|
|
||
|
```
|
||
|
# groupadd ht
|
||
|
```
|
||
|
|
||
|
## Quota
|
||
|
|
||
|
```
|
||
|
# quotacheck -cm /
|
||
|
# vim /etc/fstab
|
||
|
```
|
||
|
|
||
|
UUID=xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx / ext4 usrquota,grpquota,errors=remount-ro 0 1
|
||
|
|
||
|
## Knot DNS
|
||
|
|
||
|
```
|
||
|
# sudo -u knot knotc conf-init
|
||
|
# sudo -u knot knotc conf-import <path to default niver knot conf>
|
||
|
```
|
||
|
|
||
|
## Nginx
|
||
|
|
||
|
Generate a self-signed certificate for default Nginx site.
|
||
|
```
|
||
|
# openssl req -subj '/' -new -newkey RSA:3072 -days 3650 -nodes -x509 -keyout /etc/ssl/private/niver.key -out /etc/ssl/certs/niver.crt
|
||
|
```
|
||
|
|
||
|
## Niver-PHP
|
||
|
|
||
|
```
|
||
|
# chown -R root:root /usr/local/share/niver
|
||
|
# chmod -R u=rwX,go=rX /usr/local/share/niver
|
||
|
# mkdir /etc/nginx/ht
|
||
|
# chown -R php-niver:php-niver /etc/nginx/ht
|
||
|
# chmod -R 775 /etc/nginx/ht
|
||
|
```
|
||
|
|
||
|
Increase `session.gc_maxlifetime` in /etc/php/7.4/fpm/php.ini to avoid sessions being cleared too soon.
|
||
|
|
||
|
## Tor
|
||
|
|
||
|
This command only exist on Debian
|
||
|
```
|
||
|
# tor-instance-create niver
|
||
|
```
|